Tiny Core Linux
Tiny Core Extensions => TCE Q&A Forum => Topic started by: lizardidi on November 12, 2024, 12:59:26 AM
-
Good day, TCL Forumers!
In 32 bit TCL, we set up a firewall using a script from iptables.tcz... How about TCL64? In the 64 bit version, there is an extension named Firewalld. After downloading and loading the extension, I tried to start Firewalld according to the instructions in tce-load:
sudo firewalld
An error occurred: dbus module not found.
So I started dbus with:
sudo /usr/local/etc/init.d/dbus start
Now dbus is running, but I still get the dbus not running error, and Firewalld is not starting.
Well, I must have done some steps wrong. The topics about Firewalld on this forum are scarce... Can someone shine some light for me regarding how to set up a proper firewall for basic home computing tasks? Found 2 results from a Google search about Firewalld on the tinycore forum:
https://forum.tinycorelinux.net/index.php/topic,23732.15.html
https://forum.tinycorelinux.net/index.php/topic,21180.0.html
Both topics did not provide enough details to set up firewalld.
I would happily accept any other suggestions, other than firewalld, if there are any. A search for UFW in the repo returned a negative result.
:D :D :D
[Edit]: Removed Google gobbledygook from first link. Removed redundant second link. Rich
-
iptables works on all platforms?
-
humble request to an admin/mod regarding a couple of links above. could these be cleaned up (there is no need to have anything more than the direct forum thread urls). thanks.
-
Hi gadget42
Done.
-
I would happily accept any other suggestions, other than firewalld, if there are any. A search for UFW in the repo returned a negative result.
Hi lizardidi. I'm sure iptables.tcz is available in every TCL version. 64-bit repo also has nftables.tcz. I personally use nftables for firewall and am very happy with it.
-
I would happily accept any other suggestions, other than firewalld, if there are any. A search for UFW in the repo returned a negative result.
Hi lizardidi. I'm sure iptables.tcz is available in every TCL version. 64-bit repo also has nftables.tcz. I personally use nftables for firewall and am very happy with it.
Thanks @GNUser!!!
Last week I tried iptables.tcz. Can I verify a few important pieces of information:
After I tce-load -wi iptables.tcz (i.e. load iptables on every boot), do I need to key in any command to start or activate the iptables rules?
When I type "sudo iptables -L", I can see by default it applied a set of rules. Is this sufficient, or the correct way to set up a basic firewall?
Below are the commands I typed:
sudo iptables -P INPUT DROP
sudo iptables -P FORWARD DROP
sudo iptables -P OUTPUT ACCEPT
sudo iptables -A INPUT -p icmp -j ACCEPT
sudo iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
sudo iptables -A INPUT -p tcp -j REJECT --reject-with icmp-port-unreachable
sudo iptables -A INPUT -p udp -j REJECT --reject-with icmp-port-unreachable
sudo iptables -A INPUT -j REJECT --reject-with icmp-proto-unreachable
Below is my iptables output:
tc@box:~$ sudo iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere
REJECT tcp -- anywhere anywhere reject-with tcp-reset
REJECT udp -- anywhere anywhere reject-with icmp-port-unreachable
REJECT all -- anywhere anywhere reject-with icmp-proto-unreachable
Chain FORWARD (policy DROP)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Do I need to add these into /opt/bootlocal.sh so they run on every boot?
-
Hi lizardidi
The 32 bit version of iptables includes a basic-firewall script
which for some reason was not included in the 64 bit version.
I've attached a copy. Maybe it will serve your needs, or you
could adapt it to meet your needs.
Save it to /usr/local/sbin/.
Then:
sudo chmod 755 /usr/local/sbin/basic-firewall
echo usr/local/sbin/basic-firewall >> /opt/.filetool.lst
filetool.sh -b
Those 3 steps:
1. Made the script executable.
2. Added the script to your backup list.
3. Backed up the script.
If you edit the script, run:
filetool.sh -b
so your changes survive when you reboot.
-
Thanks @Rich!
Replaced my iptables rules with the basic-firewall script, since both ChatGPT and Microsoft Copilot AI agreed that the "basic" firewall will provide solid protection for basic usage. ;D ;D ;D
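
Plain `iptables -L` (without `-v`) does not print interface matches, so a rule limited to one interface is listed as `ACCEPT all -- anywhere anywhere`, the same as a rule that accepts everything; `iptables -S` prints each rule in full. The script below is an added example, not part of any post in this thread: it audits an `iptables -S` dump for the INPUT policy and for an unconditional ACCEPT that would shadow the REJECT rules after it. The function names and both sample dumps are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): audit an `iptables -S` dump on stdin.
# Exit status 0 = no findings, 1 = at least one finding.
audit_input_chain() {
    awk '
    $1 == "-P" && $2 == "INPUT" { policy = $3 }
    $1 == "-A" && $2 == "INPUT" {
        n++
        # "-A INPUT -j ACCEPT" and nothing else: no interface, protocol or
        # state match, so every packet that reaches this rule is accepted.
        if (NF == 4 && $3 == "-j" && $4 == "ACCEPT" && !open) open = n
    }
    END {
        if (policy != "DROP") {
            printf "FINDING: INPUT policy is %s, expected DROP\n", (policy == "" ? "unknown" : policy)
            bad = 1
        }
        if (open) {
            printf "FINDING: INPUT rule %d accepts all traffic; %d later rule(s) never match\n", open, n - open
            bad = 1
        }
        if (!bad) printf "OK: policy DROP, %d INPUT rules, no unconditional ACCEPT\n", n
        exit bad + 0
    }'
}

# Constructed sample: the ACCEPT is scoped to the loopback interface.
sample_scoped() {
    cat <<'EOF'
-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -j REJECT --reject-with tcp-reset
-A INPUT -p udp -j REJECT --reject-with icmp-port-unreachable
EOF
}

# Constructed sample: same rules, but the ACCEPT has lost its "-i lo".
sample_open() { sample_scoped | sed 's/ -i lo//'; }

sample_scoped | audit_input_chain
sample_open | audit_input_chain || true
```

On a live system the same function can be fed with `sudo iptables -S | audit_input_chain`.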